hi guys, I have been reading /usr/share/postfix/main.cf.dist lately as well as some postfix dokus and had some questions about what I found there. 1. 2. 3. 4.
As long as the user has a valid username and password for SMTP-AUTH or is sending directly from the server (e.g. with webmail) or sends a mail to a recipient on the server he can use whatever sender address he likes. You cannot prevent the user from faking the sender address. No. I'd try it for a few days and then check if too many valid emails have been rejected.